Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

9,969 advisories

Loading
The PowerBI Embed Reports plugin for WordPress is vulnerable to Sensitive Information Disclosure... Moderate Unreviewed
CVE-2025-10750 was published Oct 18, 2025
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in The Wikimedia... Moderate Unreviewed
CVE-2025-62669 was published Oct 18, 2025
Strapi core vulnerable to sensitive data exposure via CORS misconfiguration Moderate
CVE-2025-53092 was published for @strapi/core (npm) Oct 16, 2025
ghostvirus62 derrickmehaffy
alexandrebodin innerdvations
Credited to ghostvirus62, derrickmehaffy, alexandrebodin, and innerdvations
The External Login plugin for WordPress is vulnerable to sensitive information exposure in all... Moderate Unreviewed
CVE-2025-11196 was published Oct 15, 2025
Exposure of sensitive information to an unauthorized actor in Windows Taskbar Live allows an... Low Unreviewed
CVE-2025-59294 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized... Low Unreviewed
CVE-2025-59284 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual... Moderate Unreviewed
CVE-2025-59260 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... Moderate Unreviewed
CVE-2025-59214 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core... Moderate Unreviewed
CVE-2025-59211 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Push Notification Core... Moderate Unreviewed
CVE-2025-59209 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an... Moderate Unreviewed
CVE-2025-58739 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Failover Cluster allows an... Moderate Unreviewed
CVE-2025-59188 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows High Availability Services... Moderate Unreviewed
CVE-2025-59184 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed
CVE-2025-59186 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed
CVE-2025-55699 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized... Moderate Unreviewed
CVE-2025-55683 was published Oct 14, 2025
Exposure of sensitive information to an unauthorized actor in Windows Cloud Files Mini Filter... Moderate Unreviewed
CVE-2025-55336 was published Oct 14, 2025
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in Fortinet... Moderate Unreviewed
CVE-2025-59921 was published Oct 14, 2025
A compromised web process using malicious IPC messages could have caused the privileged browser... Critical Unreviewed
CVE-2025-11710 was published Oct 14, 2025
When switching between Android apps using the card carousel Firefox shows a black screen as its... Critical Unreviewed
CVE-2025-11717 was published Oct 14, 2025
Omni vulnerable to information leak via API High
CVE-2025-61688 was published for github.com/siderolabs/omni (Go) Oct 13, 2025
utkuozdemir
Credited to utkuozdemir
Hardcoded TLS private key and certificate in firmware in Kiloview N30 2.02.246 allows malicious... High Unreviewed
CVE-2025-8915 was published Oct 13, 2025
A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown... Low Unreviewed
CVE-2025-11647 was published Oct 13, 2025
A security vulnerability has been detected in Tomofun Furbo Mobile App up to 7.57.0a on Android.... Low Unreviewed
CVE-2025-11645 was published Oct 12, 2025
A weakness has been identified in Tomofun Furbo 360 and Furbo Mini. Affected by this issue is... Low Unreviewed
CVE-2025-11644 was published Oct 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database